Vulnerability Development mailing list archives
Re: Remote buffer overflow in resolver code of libc
From: David Conrad <david.conrad () nominum com>
Date: Thu, 27 Jun 2002 08:24:36 -0700
Hi, On 6/26/02 4:50 PM, "Brett Glass" <brett () lariat org> wrote:
On individual machines, one could direct all queries to localhost and set up one's favorite name daemon (e.g. BIND or djbdns) to "sanitize" incoming responses.
My understanding is that this will work with BINDv9 since the cache synthesizes all responses returned to the requestor and a bad response wouldn't be synthesized. BINDv8 and BINDv4 will sometimes (in an attempt to be faster) simply pass the authoritative response on to the requestor (which is the bad thing). Don't have a clue about what dnscache or MS DNS would do. Rgds, -drc
Current thread:
- Remote buffer overflow in resolver code of libc Mark Lastdrager (Jun 26)
- Re: Remote buffer overflow in resolver code of libc Brett Glass (Jun 26)
- Re: Remote buffer overflow in resolver code of libc David Conrad (Jun 27)
- Does the libc (BIND-4) resolver bug affect MS DNS too? Mikael Olsson (Jun 28)
- Re: Remote buffer overflow in resolver code of libc Brett Glass (Jun 26)